On 10/6/25 05:36, Greg wrote:
On 2025-10-06, David Christensen <[email protected]> wrote:
On 10/5/25 05:12, Greg wrote:
On 2025-10-05, David Christensen <[email protected]> wrote:
Encrypting "at-rest data" is the starting point -- e.g. the disks are
powered off and an adversary tries to access the computer and/or disks.
<snip>
data inaccessible). When I tried moving a password-enabled SED between
computers, I could not unlock the SED in the destination computer. I
That's a relief.
I tried with only two computers and still am not certain if it was a
bug, a feature, or PEBKAC. Look up the SED standards if it matters.
I did a little bit, and you'd need to reveal at least the drive model,
how it was locked, the OS on the target computer, and maybe something I
haven't thought of in order to eliminate the uncertainty.
Computer #1: Intel DQ67SW motherboard
Computer #2: Dell Latitude E6520
SSD: Intel SSD 520 Series
All SED operations were done via the BIOS/UEFI Setup (set/clear
password) or POST (enter password).
The TPM chip was disabled via Setup in both computers.
Once the drive was unlocked, the OS (Windows, Debian) just saw it as a
regular drive.
David
